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(54) SYSTEM, PROGRAM, AND METHOD FOR PROTECTING DATA 

(57)Abstract: 

PROBLEM TO BE SOLVED: To provide a system, a program, and a 
method for protecting a writable area held by each program in a system 
using an operating system such as a real time operating system loading 
all programs and data on a main storage memory and sharing a 
memory space between all the programs. 

SOLUTION: An initial setting means 5 sets page information held by 
each task in a data protection table 2 by a task unit to form a page table 
3 on the basis of this information, sets each page attribute in protection, 
and checks whether protected page information matching the task in 
operation in the data protection table 2 includes an excluded page or 
not when a page protection exclusion means 6 is called. If the excluded 
page is included, the page attribute is allowed, and a task ID is 
registered in a data permission table 4. If the excluded page is not 
included, the task in operation is suspended, and when a task switching 

means 12 switches the task, the protected page information is acquired from the data, protection table 
using a registered task ID, and the attribute of the matching page is returned to a protected condition. 
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* NOTICES * 

JPO and INPIT are not responsible for any 
damages caused by the use of this translation. 

1 .This document has been translated by computer. So the translation may not reflect the original precisely. 
2.**** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



DETAILED DESCRIPTION 



( Detailed Description of the Invention] 
[0001] 

| Field of the Invention] 

In case this invention uses such an operating system especially about the system which protects the data of a program in 
case the operating system which loads all programs and data on the primary storage, and is sharing room between all 
programs like a real time operating system is used, the program from which the data of a program are protected, and the 
protection approach, it relates to the data-protection system which prevents that other programs and the data of a task are 
rewritten by the fault of a program etc., a data-protection program, and the data-protection approach. 
[0002] 

[Description of the Prior Art] 

Conventionally, in the operating system equipped with virtual memory, it has an address space for every process, and a 
page table is updated for every change of a process. It does not break out that this rewrites the data of a current process 
to another process. 
[0003] 

However, since the real time operating system used with real-time system needs high-speed processing, it loads all 

programs and data on primary-storage memory, and is sharing room between all programs. 

[0004] 

Moreover, the address of a program and data is in agreement with a physical address. 
[0005] 

Therefore, access to the unsuitable address by the fault of a program is undetectable. 
(0006] 

There is a memory protective device as a technique of solving a problem similar to this on the other hand (for example, 

patent reference 1 reference). 

[0007] 

Two or more memory protection information storage means by which this memory protective device stores protection 
information corresponding to each memory block, It has a current key information storage means to memorize the 
attribute information about a certain memory block. Before accessing a certain memory block, a protection key is 
beforehand set as the memory protection information storage means corresponding to this memory block. Whenever it 
sets the attribute key about this memory block as the current key information storage means and there is access to 
memory block, are concurrent with this memory access. The protection key of memory block corresponding to this 
memory address within a memory protection storage means is compared with the attribute key within a current key 
information storage means. If the conditions defined beforehand are satisfied and it will not be satisfied [ permit this 
memory access and ], it is the memory protective device which notifies outside that forbade this memory access and the 
violation of access arose. 
[0008] 

Access will be permitted, if the memory-block upper address of a protection key register is in agreement here and the 

process ID of a current key register and a protection key register is in agreement. 

[0009] 

Moreover, a memory protection table is separated from the general memory which stores memory block, and a memory 
protection check is performed, without reducing a throughput by the ability being made to carry out concurrent access of 
a memory protection table and the memory block. 
[0010] 



http://www4.ipdl.ncipi.go.jp/cgi-bin/tran_web_cgi_ejje 



3/22/2007 



JP,2004-157751,A [DETAILED DESCRIPTION] 



Page 2 of 9 



|[p£itent reference 1] 

JP,5-134930,A (a paragraph [0008], [0014], [0054] - [0056]) 
[0011] 

[Problem(s) to be Solved by the Invention] 

Therefore, in the above-mentioned memory protective device, each entry of a memory protection table holds the process 
ID, and memory size becomes large from the case where a 1-bit guard bit is prepared, and general memory is separated 
another memory, and there is a problem said that the parting amount of resources increases. 
[0012] 

The protection system of the data in small equipments, such as a personal digital assistant, at least is not turned to. 
[0013] 

Moreover, before a setup of the process ID to a memory protection table etc. accesses a certain memory block, it is set 
up beforehand, but there is no means performed by summarizing a setup of all entries by initial setting, it loads [ no ] 
programs to a primary storage in early stages, and after it secures a data area, it turns to the system which operates with 
the memory map. 
[0014] 

The purpose of this invention is a system using the operating system which loads all programs and data on primary- 
storage memory, and is sharing room between all programs like a real time operating system, and offers the program and 
approach the system which protects the field (it is rewritable) which each program owns, and for protecting. 
[0015] 

A data protection system, a protection program, and an approach applicable also to a small terminal and a small 
information processor are offered without being able to lessen the increment in the processing time about primary- 
storage access, and changing an operating system subordinate's program especially. 
[0016] 

[Means for Solving the Problem] 

In the system of operating system use by which the 1st data protection system of this invention shares one room between 
a program by initial setting of a system A means to set the page information on the primary storage which each task 
owns as a data protection table per task, The page table with which the entry corresponding to the address is referred to 
at the time of primary-storage access is created based on the information on said data protection table, and it is 
characterized by having a means to set the attribute of each page of this as a protection state. 
[0017] 

An initialization means for the 2nd data protection system of this invention to set up said data protection table, to create 
said page table in said 1st data protection system based on this information, and to set the attribute of each page as a 
protection state, It has the page protection exception-handling means which will be called if a write-in demand to the 
page of a protection state is, and a task change means. Said page protection exception-handling means A means to 
confirm whether the page from which ID of the task which was being performed was acquired from said operating 
system, and the protection page information of the task of a data protection table concerned became said protection 
exception is included, A means to register it if said page is included as a result of a check, the attribute of the applicable 
page of a page table will be made into an authorized state and said task ID which was being performed will not be 
registered into the data authorization table 4, It has the means which makes hibernation the task which was being 
performed as a result of said check if said page was not included. Said task change means In case a task is changed, the 
protection page information of the task to which a data protection table corresponds if Task ID is registered into the data 
authorization table is acquired. The attribute of the page to which a page table corresponds is returned to a protection 
state, and it is characterized by having a means to eliminate the task ID of said data authorization table. 
[0018] 

An initialization means for the 3rd data protection system of this invention to set up said data protection table, to create 
said page table in said 1st data protection system based on this information, and to set the attribute of each page as a 
protection state, It has the page protection exception-handling means which will be called if a write-in demand to the 
page of a protection state is, and a task change means. Said page protection exception-handling means A means to 
confirm whether the page from which ID of the task which was being performed was acquired from said operating 
system, and the protection page information of the task of a data protection table concerned became said protection 
exception is included, A means to make the attribute of the page of a page table concerned into an authorized state if said 
page is included as a result of a check, and to register the identification information of the page into a data authorization 
table, It has the means which makes hibernation the task which was being performed if said page was not included as a 



http://www4.ipdl.ncipi.go.jp/cgi-bin/tran_web_cgi_ejje 



3/22/2007 



JP,2004- 157751, A [DETAILED DESCRIPTION] 



Page 3 of 9 



result of the check. Said task change means If page identification information is registered into the data authorization 
table in case a task is changed, the attribute of the page to which a page table corresponds will be returned to a protection 
state, and it will be characterized by having a means to eliminate said page identification information of a data 
authorization table. 
[0019] 

The 4th data protection system of this invention is characterized by having a means to create a page table, a means to set 
the page information on the primary storage which each task owns by initial setting of a system as a data protection table 
per task, and a means to set an attribute as a protection state about the protection page which said data protection table of 
a page table shows in the system of the operating system use which shares one room between a program. 
[0020] 

An initialization means for the 5th data protection system of this invention to set up said data protection table in said 4th 
data protection system, and to set the attribute of said page table-as a protection state based on this information, It has the 
page protection exception-handling means and task change means which will be called if a write-in demand to the page 
of a protection state is. Said page protection exception-handling means A means to confirm whether the page from which 
ID of the task which was being performed was acquired from said operating system, and the protection page information 
of the task of a data protection table concerned became said protection exception is included, A means to register it if 
said page is included as a result of a check, the attribute of the applicable page of a page table will be made into an 
authorized state and said task ID which was being performed will not be registeredinto a data authorization table, It has 
the means which makes hibernation the task which was being performed as a result of said check if said page was not 
included. Said task change means In case a task is changed, the protection page information of the task to which a data 
protection table corresponds if Task ID is registered into the data authorization table is acquired. The attribute of the 
page to which a page table corresponds is returned to a protection state, and it is characterized by having a means to 
eliminate the task ID of said data authorization table. 
[0021] 

An initialization means for the 6th data protection system of this invention to set up said data protection table in said 4th 
data protection system, and to set the attribute of said page table as a protection state based on this information, It has the 
page protection exception-handling means and task change means which will be called if a write-in demand to the page 
of a protection state is. A page protection exception-handling means A means to confirm whether the page from which 
ID of the task which was being performed was acquired from said operating system, and the protection page information 
of the task of a data protection table concerned became said protection exception is included, A means to make the 
attribute of the page of a page table concerned into an authorized state if said page is included as a result of a check, and 
to register the identification information of the page into a data authorization table, It has the means which makes 
hibernation the task which was being performed if said page was not included as a result of said check. Said task change 
means If page identification information is registered into the data authorization table in case a task is changed, the 
attribute of the page to which a page table corresponds will be returned to a protection state, and it will be characterized 
by having a means to eliminate said page discernment of a data authorization table. 
[0022] 

The 1st data protection program of this invention is initial setting of a system, and is characterized by have the procedure 
of set the page information on the primary storage which each task owns as a data protection table per task, and the 
procedure of create the page table with which the entry corresponding to the address is referred to at the time of primary 
storage access based on the information on said data protection table, and set the attribute of each page of this as a 
protection state. 
[0023] 

The 2nd data protection program of this invention is set to said 1 st data protection program. The initialization procedure 
of setting up said data protection table, creating said page table based on this information, and setting the attribute of 
each page as a protection state, It has the page protection exception-handling procedure which will be called if a write-in 
demand to the page of a protection state is, and the task change procedure of performing the change of a task. Said page 
protection exception-handling procedure The procedure which confirms whether the page from which ID of the task 
which was being performed was acquired from said operating system, and the protection page information of the task of 
a data protection table concerned became said protection exception is included, The procedure of registering it if said 
page is included as a result of a check, the attribute of the page of a page table concerned will be made into an authorized 
state and said task ID which was being performed will not be registered into a data authorization table, It has the 
procedure which makes hibernation the task which was being performed if said page was not included as a result of the 
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check. In case said task change procedure changes a task, if Task ID is registered into the data authorization table, the 
protection page information of the correspondence task of a data protection table will be acquired. The attribute of the 
page to which a page table corresponds is returned to a protection state, and it is characterized by having the procedure 
which eliminates the task ID of said data authorization table. 
[0024] 

The 3rd data protection program of this invention is set to said 1st data protection program. The initialization procedure 
of setting up said data protection table, creating said page table based on this information, and setting the attribute of 
each page as a protection state, It has the page protection exception-handling procedure which will be called if a write-in 
demand to the page of a protection state is, and the task change procedure of performing the change of a task. Said page 
protection exception-handling procedure The procedure which confirms whether the page from which ID of the task 
which was being performed was acquired from said operating system, and the protection page information of the task of 
a data protection table concerned became said protection exception is included, The procedure of making the attribute of 
the page of a page table concerned into an authorized state if said page is included as a result of a check, and registering 
the identification information of the page into a data authorization table, If the identification information of a page is 
registered into the data authorization table in case it has the procedure which makes hibernation the task which was 
being performed if said page was not included as a result of the check and said task change procedure changes a task The 
attribute of the page to which a page table corresponds is returned to a protection state, and it is characterized by having 
the procedure which eliminates said page discernment of a data authorization table: 
[0025] 

The 4th data protection program of this invention is characterized by having the procedure which creates a page table, 
the procedure of setting the page information on the primary storage which is initial setting of a system and each task 
owns as a data protection table per task, and the procedure of setting an attribute as a protection state about the protection 
page which said data protection table of a page table shows. 
[0026] 

the initialization procedure of the 5th data protection program of this invention setting up said data protection table in 
said 4th data protection program, and setting the attribute of said page table as a protection state based on this 
information, It has the page protection exception-handling procedure which will be called if a write-in demand to the 
page of a protection state is, and the task change procedure of performing the change of a task. Said page protection 
exception-handling procedure The procedure which confirms whether the page from which ID of the task which was 
being performed was acquired from said operating system, and the protection page information of the task of a data 
protection table concerned became said protection exception is included, The procedure of registering it if said page is 
included as a result of a check, the attribute of the page of a page table concerned will be made into an authorized state 
and said task ID which was being performed will not be registered into a data authorization table, It has the procedure 
which makes hibernation the task which was being performed as a result of said check if said page was not included. In 
case said task change procedure changes a task, the protection page information of the task to which a data protection 
table corresponds if Task ID is registered into the data authorization table is acquired. The attribute of the page to which 
a page table corresponds is returned to a protection state, and it is characterized by having the procedure which 
eliminates the task ID of said data authorization table. 
[0027] 

The initialization procedure of the 6th data protection program of this invention setting up said data protection table in 
said 4th data protection program, and setting the attribute of said page table as a protection state based on this 
information, It has the page protection exception-handling procedure which will be called if a write-in demand to the 
page of a protection state is, and the task change procedure of performing the change of a task. Said page protection 
exception-handling procedure The procedure which confirms whether the page from which ID of the task which was 
being performed was acquired from said operating system, and the protection page information of the task of a data 
protection table concerned became said protection exception is included, The procedure of making the attribute of the 
applicable page of a page table into an authorized state if said page is included as a result of a check, and registering the 
identification information of the page into a data authorization table, If page identification information is registered into 
the data authorization table in case it has the procedure which makes hibernation the task which was being performed if 
said page was not included as a result of said check and said task change procedure changes a task The attribute of the 
page to which a page table corresponds is returned to a protection state, and it is characterized by having the procedure 
which eliminates said page discernment of a data authorization table. 
[0028] 
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The initialization procedure in which the 1st data protection approach of this invention carries out initial setting of a 
system, The page protection exception-handling procedure which will be called if a write-in demand to the page of a 
protection state is, The procedure of setting the page information on the primary storage in which is equipped with the 
task change procedure of changing a task, and a task owns said initialization procedure as a data protection table per 
task, The page table with which the entry corresponding to the address is referred to at the time of primary-storage 
access is created based on the information on said data protection table. It has the procedure of setting the attribute of 
each page of this as a protection state. Said page protection exception-handling procedure The procedure which confirms 
whether the page from which ID of the task which was being performed was acquired from said operating system, and 
the protection page information of the task of a data protection table concerned became said protection exception is 
included, The procedure of registering it if said page is included as a result of a check, the attribute of the page of a page 
table concerned will be made into an authorized state and said task ID which was being performed will not be registered 
into a data authorization table, It has the procedure which mafees hibernation the task which was being performed if said 
page was not included as a result of the check. In case said task change procedure changes a task, if Task ID is registered 
into the data authorization table, the protection page information of the correspondence task of a data protection table 
will be acquired. The attribute of the page to which a page table corresponds is returned to a protection state, and it is 
characterized by having the procedure which eliminates the task ID of said data authorization table. 
[0029] 

The initialization procedure in which the 2nd data protection approach of this invention carries out initial setting of a 
system, The page protection exception-handling procedure which will be called if a write-in demand to the page of a 
protection state is, The procedure of setting the page information on the primary storage in which is equipped with the 
task change procedure of changing a task, and a task owns said initialization procedure as a data protection table per 
task, The page table with which the entry corresponding to the address is referred to at the time of primary-storage 
access is created based on the information on said data protection table. It has the procedure of setting the attribute of 
each page of this as a protection state. Said page protection exception-handling procedure The procedure which confirms 
whether the page from which ID of the task which was being performed was acquired from said operating system, and 
the protection page information of the task of a data protection table concerned became said protection exception is 
included, The procedure of making the attribute of the page of a page table concerned into an authorized state if said 
page is included as a result of a check, and registering the identification information of the page into a data authorization 
table, If the identification information of a page is registered into the data authorization table in case it has the procedure 
which makes hibernation the task which was being performed if said page was not included as a result of the check and 
said task change procedure changes a task The attribute of the page to which a page table corresponds is returned to a 
protection state, and it is characterized by having the procedure which eliminates said page discernment of a data 
authorization table. 
[0030] 

The initialization procedure in which the 3rd data protection approach of this invention carries out initial setting of a 
system, The page protection exception-handling procedure which will be called if a write-in demand to the page of a 
protection state is, The procedure of setting the page information on the primary storage in which is equipped with the 
task change procedure of changing a task, and a task owns said initialization procedure as a data protection table per 
task, According to the information on this data protection table, it has the procedure of setting the attribute of the 
correspondence page of a page table as a protection state. Said page protection exception-handling procedure The 
procedure which confirms whether the page from which ID of the task which was being performed was acquired from 
said operating system, and the protection page information of the task of a data protection table concerned became said 
protection exception is included, The procedure of registering it if said page is included as a result of a check, the 
attribute of the page of a page table concerned will be made into an authorized state and said task ID which was being 
performed will not be registered into a data authorization table, It has the procedure which makes hibernation the task 
which was being performed if said page was not included as a result of the check. In case said task change procedure 
changes a task, if Task ID is registered into the data authorization table, the protection page information of the 
correspondence task of a data protection table will be acquired. The attribute of the page to which a page table 
corresponds is returned to a protection state, and it is characterized by having the procedure which eliminates the task ID 
of said data authorization table. 
[0031] 

The initialization procedure in which the 4th data protection approach of this invention carries out initial setting of a 
system, The page protection exception-handling procedure which will be called if a write-in demand to the page of a 
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protection state is, The procedure of setting the page information on the primary storage in which is equipped with the 
task change procedure of changing a task, and a task owns said initialization procedure as a data protection table per 
task, According to the information on this data protection table, it has the procedure of setting the attribute of the 
correspondence page of a page table as a protection state. Said page protection exception-handling procedure The 
procedure which confirms whether the page from which ID of the task which was being performed was acquired from 
said operating system, and the protection page information of the task of a data protection table concerned became said 
protection exception is included, The procedure of making the attribute of the page of a page table concerned into an 
authorized state if said page is included as a result of a check, and registering the identification information of the page 
into a data authorization table, If the identification information of a page is registered into the data authorization table in 
case it has the procedure which makes hibernation the task which was being performed if said page was not included as a 
result of the check and said task change procedure changes a task The attribute of the page to which a page table 
corresponds is returned to a protection state, and it is characterized by having the procedure which eliminates said page 
discernment of a data authorization table. 
[0032] 

[Embodiment of the Invention] 

Next, the gestalt of operation of this invention is explained to a detail with reference to a drawing. The 1st example of 
this invention is explained first. 

[0033] 

Drawingl is the block diagram having shown the data protection structure of a system of this invention, and a data 
protection system is constituted by a real time operating system 1 , the data protection table 2, a page table 3, the data 
authorization table 4, the initialization means 5, and the page protection exception-handling means 6. 
[0034] 

The initialization means 5 sets the task (it rewrites) ID which owns the page address of the data which were decided 

beforehand, and to protect, pagination (die length), and its data as the data protection table 2 per task ID. 

[0035] 

Next, the initialization means 5 creates a page table 3 according to the specification of MMU (memory management 

unit) based on the information on the data protection table 2. 

[0036] 

By the primary-storage access request which programs also including a real time operating system 1 perform, the entry 

of the page table 3 corresponding to the access address is referred to. 

[0037] 

A real time operating system 1 has the task management means 1 1 and the task change means 12, and the task change 

means 12 has the page information change means 121 . 

[0038] 

The task management means 1 1 determines the task performed next according to the task information and the priority 

under activation. 

[0039] 

When a task change occurs, the task change means 12 is referred to data authorization table 4 in order to judge whether 
the data from which the task which was being performed with the page information, change means 121 is protected were 
accessed. 
[0040] 

if ID of a task is registered into the data authorization table 4, the protection page which the task owns will consider that 

it was made the authorized state by the page information change means 421 at the task activation period. 

[0041] 

And with reference to the page information which the task which was performing the data protection table 2 protects, 
according to it, the attribute of the applicable entry of a page table 3 is made into a protection state (it is return to a 
protection state), the information on the data authorization table 4 is eliminated, and the task change means 12 acquires 
the task performed next from the task management means 1 1 , and changes it to the task. 

[0042] , . , 

When Task ID is not registered into the data authorization table 4, it considers that the task which was being performed 
has not accessed a protection page, the task performed next from the task management means 1 1 is acquired, and it 
changes to the task. 
[0043] 
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When a page protection exception occurs, by the primary-storage access request which a program performs, the entry of 
the page table 3 corresponding to the access address is referred to, if the attribute is [ a demand ] writing in a protection 
state, it will become a page protection exception and the page protection exception-handling means 6 will be called. 
[0044] 

It judges whether the page protection exception-handling means 6 contains the page which the page protection exception 
generated [ the protection page information which acquired the task ID which was being performed before exception 
handling, made it the key, accessed the data protection table 2, and was acquired from the task management means 11]. 
[0045] 

The information (the task ID under activation) which shows that the attribute of the page address which the page 
protection exception of a page table 3 generated was made into the authorized state when in agreement, and the task 
under activation on the data authorization table 4 made its protection page the authorized state is written, and activation 
of a task is continued. Under the present circumstances, a postscript will not be added if the task ID under activation on 
the data authorization table 4 is already registered. When not in agreement, error information is written, and a task is 
made into hibernation. 
[0046] 

The above-mentioned initialization means 5, the page protection exception-handling means 6, and each means of a real 
time operating system 1 are realized by the program procedure in the terminal (a personal digital assistant and a cellular 
phone with an information processing function are also included) and information processor which realize a system. 
[0047] 

In addition, when accessing a primary storage only by the real address mode by the system using a real time operating 

system 1, it is not necessary to establish the logical address information on each entry of a page table 3. 

[0048] 

Next, actuation of this example is explained with reference to a drawing. Drawing! is a flow chart which shows 
actuation of a data protection system, and the procedure of a data protection program and the data protection approach. 
[0049] 

The protected data which perform an initialization process first, and set the first task to task #1 with reference to drawing 
2. , and this owns are accessed, and the case where task #1 was performed, changed to task #2, and other protection pages 
of task #1 grade carry out a write request faultily is explained. 
[0050] 

The initialization means 5 registers the page address and pagination of a page to protect into the data protection table 2 
per task (step 1). Based on the information on the data protection table 2, it doubles with the specification of MMU, a 
page table 3 is created, and the attribute of each entry is set as protection (step 2). 
[0051] 

The task which the task management means 1 1 performs next according to a priority is decided (step 3). (change 
generating to task #1) Since it confirms whether the task change means 12 has registration information in the data 
authorization table 4 and is not registered per beginning (step 4), it changes to the following task (task #1) immediately, 
and this is performed. 
[0052] 

A page protection exception occurs in primary-storage access (writing) of task #1 (step 7). 
[0053] 

The task ID (#1) which the page protection exception-handling means 6 was performing is acquired from the task 
management means 1 1 , and the protection page information of ID#1 of the data protection table 2 is acquired (step 8). 
[0054] 

Whether protection page information contains the page which the exception generated judges, it makes an authorized 
state the attribute which is the page which the exception generated since it is contained (step 9), and since the task ID 
under activation on the data authorization table 4 (#1) is not registered, this is registered (step 10). 
[0055] 

Since it judges whether it is the terminating condition of a system as activation of task #1 being completed and there is 

no terminating condition (step 13), the change to the following task (#2) occurs (step 3). (step 1 1) 

[0056] 

Since it confirms whether the task change means 12 has registration information in the data authorization table 4 and 
ID#1 is registered, this is made into a key, the protection page information (page address) of task ID#1 is acquired from 
the data protection table 2, the attribute information on the page address 001 (entry #1) of a page table 3 is returned to a 
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protection state, and the information on the data authorization table 4 is eliminated (step 5). 
[0057] 

It changes to the following task (#2), this is performed (step 6), task #2 require the writing to the protection page of task 

#1 faultily, and a page protection exception generates the task change means 12 (step 7). 

[0058] 

The page protection exception-handling means 6 acquires the task ID (#2) which was being performed, and acquires the 

protection page information of ID#2 of the data protection table 2 (step 8). 

[0059] 

And it judges with the page which the exception generated not being contained in this, and supposes that the write-in 
demand to the protection page of other (step 9) tasks was performed, and error information is written and a task is made 
into hibernation during activation (step 12). 
[0060] 

In addition, error information may be serial, and may be taken out outside, may be saved in memory, or may be 
displayed on a display. Except MMU is sufficient as memory protection hardware. 

[0061] . 
Next, the 2nd example of this invention is explained. In this example, in case a program etc. is loaded to a primary 
storage, the main storage area for a program or data is assigned by MMU or the initialization means 5, and a page table 3 
is created according to this information. 
[0062] 

The initialization means 5 sets the task (it rewrites) ID which owns the page address of the data to protect, pagination 

(die length), and its data as the data protection table 2 per task ID. 

[0063] 

Next, the initialization means 5 sets the attribute information which is the page which the protection page information of 
the data protection table 2 specifies among the entries of a page table 3 as a protection state. Other functions and 
processings are the same as that of said 1 st example. 
[0064] 

Next, the 3rd example of this invention is explained. In this example, when the attribute of the page from which the page 
protection exception-handling means 6 became the exception of a page table 3 is set as an authorized state, not the task 
ID under activation but page discernment .(a page address or page table entry number) is registered into the data 
authorization table 4 (refer to drawjngJI ). 
[0065] 

When one task carries out sequential access to its protection page and an authorized-state setup by the page protection 
exception-handling means 6 is performed each time, the sequential postscript of the page discernment is carried out at 
the data authorization table 4. [ two or more ] 
[0066] 

Moreover, in case the task change means 12 changes a task, the registration information existence of the data 
authorization table 4 is checked, if it is, the attribute which is the page which it shows will be set as a protection state, 
and the page identification information of the data authorization table 4 will be eliminated. 

[0067] 

If two or more page identification information is registered into the data authorization table 4, the above-mentioned 

actuation will be repeated and will be performed. 

[0068] 

Other functions thru/or procedure of a means is the same as that of the 1st example or the 2nd example. 
[0069] 

[ Effect of the Invention] 

According to this invention, except when a page protection exception occurs, rewriting of page information does not 
occur. For this reason, page table rewriting time amount and the processing time by the mistake hit of a page table cache 
are made few. 
[0070] 

Since the page which did not change an attribute into authorization unconditionally about the protection page of a large 
number which the following task owns especially by task change, but actually rewrote, and the demand generated is 
processed, the real-time operation of two or more tasks is carried out by time sharing, also in the small personal digital 
assistant and small cellular phone of a task with which throughput is restricted per time, excessive processing concerning 
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data protection is not performed, but the processing time can be lessened, and the simultaneous-processing nature of two 

or more tasks can also be maintained. 

[0071] 

Moreover, since the initialization means of a system sets the protection page which each program area and it own as a 
data protection table, and develops the protection page information to a page table, each page attribute is made into a 
protection state and only its page is permitted temporarily, the protection feature of data can be added, without correcting 
the program which is carrying out present condition use. [ of write-in access ] [ inner ] 
[Brief Description of the Drawings] 

[Drawing 1] The block diagram having shown the data protection structure of a system of this invention. 

[Drawing !] The flow chart which shows actuation of the data protection system of this invention, and the procedure of a 

data protection program and the data protection approach. 

[Draw ing 3] The block diagram showing the contents of the data-authorization table 4 of the 3rd example of this 
invention. 

[Description of Notations] 

1 Real Time Operating System 

1 1 Task Management Means 

1 2 Task Change Means 

121 Page Information Change Means 

2 Data Protection Table 

3 Page Table 

4 Data Authorization Table 

5 Initialization Means 

6 Page Protection Exception-Handling Means 



[Translation done.] 
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#X*M#1£ 1 2 H:*X7«J#M£L;fcJli^ ^-S?«f I8M¥© 1 2 1 l£ *) Mfi 
[0 0 4 0] 

^-^iffg^M i 2 1 (±x- ^ffnT-r-^^ 4 fu^X^O I D ^M2*lTVftfc?, 
[0 0 4 1 ] 

SffrS^X^^^#L, ^©£X^}cM*:3 0 
[0 0 4 2 ] 

^_^ ffT j r ^^-^; l/ 4fC^x^ I D tfgiS£*lT&^i§£-{±. HfxLTl^fc^X^tfM 

f#L, ^© £ X ^ So 
[0 0 4 3 ] 
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* ^ # # a * t? * n ^ - ^ ft 5 ^ - w-fflffl#a 6 * tf tii s n s . 

[ 0 0 4 4 ] 

# , * - s? # IS M Si * b fc * - s> * ^ «r n M ? 3 o 

[ 0 0 4 5 ] 

Lfce: fc*w"r«* (.tlft <o $ x 9 I D) %#£*x*0*fT*»8*"5o coKf- 

* If iff 5 1 — 7* 4 fcHfr *03^X * I DjtPRECSfllStiTV-ttitfliGl/ft^. — *LftV» 

[0 0 4 6 ] 

t?) jf»w$iu&ffls*fcfe**3 fn 9? h^m-c <fc vnmzn&o 

[ 0 0 4 7 ] 

ft* U Til/** A*^I/-f-f y^^xfA l fc^-USf 3 S'X-f.kT?, iE*Kti*7 F 
ff$g«SStfS&B«ftv>o 

[ 0 0 4 8 ] 
[0 0 4 9 ] 

I^nftT-^lCT^-bXL, #X* # 1 ff*ff Jtl?X? # 2 e« 9 T?* 
[0 0 5 0 ] 

iic^ijf^-^f-/;V3*ff)«l#x>h U (Xx>y 7 2) 

o 

[0 0 5 1 ] 

^^^tifii 1 #r?>r*y f 1 * fc«oT*fc£fT-rs*x*«ft«>s (#x^# 1 
s\(owmm§i) o *x*«#¥ai 2 (ix-^fFnr-r-^^ 4 tcfi«« is 

[0 0 5 2 ] 

#X*#l©±f3itT£-trX t^-ffiiH^^ttS (X-f f77) o 40 

[ 0 0 5 3 ] 

^-f*M»»l#*6 ft^ff bT^fc*X* ID (# 1 ) £#X*M#M 11*0 
$*#L, f-^lf-7/l'20ID#l ©M^-^1ff« (Xt 7 / 8 ) „ 

[0 0 5 4 ] 

ID (# 1 ) StSSStiTft^CJcnSfiStS (Xf«;7 1 0) o 
[ 0 0 5 5 ] 

*X*#l©*ff#*7TSfc (Xf7 7 1 1) , '/Xfi«)»7*mfl£U 
^(fttavMDT; (Xx-y7l 3) s #©*X* (#2) 'vO^i^iitS (X-r>y^3 50 
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) o 

[ 0 0 5 6 ] 

$ XtWW^&i 2 fir - ^ffFRrx-y )\> 4 CISWSS*^!?' * b» I D # 1 # 

igsnt^sce, u* + -Hf-«lr-?*2j;t)?x^ i d# i 

— (^-i/*7h*l/X) £ & f# L > ^-J/'f-7*3C^- s ;7FI/X001 (xy 

7 7"5) o 
[ 0 0 5 7 ] 

n^«iSfii2ii*o^^ (#2) {c«#k. cn**frsn (xrv/6) , #x 

^ # 2 jF**** *X * #1 ©««^-^^©-»#a**S*b^--^««(W^* { f6*t' 
£ (Xx >y 7 7 ) <> 
[ 0 0 5 8 ] 

6 S*fflT^ft>X* ID (#2) SJftWL* x-^^K-r- 

7;i/2o i d # 2 mttmmtz (xf^s) „ 

[ 0 0 5 9 ] 

tS ( X f >y 7 1 2 ) o 
[0 0 6 0] 

[ 0 0 6 1 ] 
[ 0 0 6 2 ] 

SJ«8^^#®5fi«K-rSx-^©^-^7KPXi:^-^igC (ft*) i: ^ © x - * * fiff 
f t § (ttSU) *X*IDfc*#X*I D#ttTf-*filf-7* 2 Ki^tS 

o 

[0 0 6 3 ] 
[ 0 0 6 4 ] 

4?Cf±. g|fT*©*X* I DT*fc<s "<-*«JM ..(^-^T Fl/X*^!*^-^^-^* 
[ 0 0 6 5 ] 

[0 0 6 6 ] 

[0 0 6 7 ] 
[0 0 6 8 ] 
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[0 0 6 9 ] 

[f§f?B©8!f«] 

[0 0 7 0 ] 

M"r5©T?ft < *RlC»$«*g###S£Ufe'*-^*M , *"*©T?* «»©**** 

x * © miRfffisit *ttt a * S o 

[0 0 7 1 ] 

[0ffi©ffl¥fti2fljn 

[0 1] ^fiH©-?*— ^i8'>Xf AOiS^Stfe^o y = 

[02] ^lOf-^ll^XfiOlff^T-Ml/ny^A, 7*-*««#&© 20 
[0 3] *#filfl<DS3 ©HJfi^JWx-^fFWrx-^/V 4©rtgS^t7"ti'^I» 

1 1 #X^M#© 
1 2 ^X^«##© 

1 2 1 ^-S?«««##® 

2 7*— $t#gST- — 

3 ^ — f - — 7 /i/ 

5 «9ffi!St£#gl 

6 ^-S?««Wfl-4&S!#8 
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